[Gllug] It is not Microsoft
James Courtier-Dutton
james.dutton at gmail.com
Fri Jan 9 15:46:10 UTC 2009
2009/1/9 Hari Sekhon <hpsekhon at googlemail.com>:
> Jose Luis Martinez wrote:
>> 2009/1/9 j.roberts <j.roberts at stabilys.com>:
>>
>>> John Edwards wrote:
>>>
>>>> On Fri, Jan 09, 2009 at 01:05:04PM +0000, Bernard Peek wrote:
>>>> <snip>
>>>>
>>>>> You and I know that there is no risk in running Linux from a live CD.
>>>>>
>>>> <snip>
>>>>
>>>> Having setup Windows and Linux machines for use in public space, I
>>>> think there *are* some serious risks in allowing people to boot off
>>>> their own CDROMs.
>>>>
>>>> These include the ability to access the hard drive to install
>>>> malware or reseting the Windows Administrator password, or gain
>>>> unrestricted access to the local network.
>>>>
>>> Absolutely correct: this is how we gain access to Win Server and w/s
>>> machines where the password is lost.
>>>
>>> So administrators are right to be concerned.
>>>
>>> The proper answer is dedicated machines, unfortunately...
>>>
>>> MeJ
>>>
>>
>>
>> The machines are to be exposed irrespective of what OS is used.
>>
>> The best solution would be to do automatic nightly re-installs,
>> anything else is either too expensive or risky.
>>
> Encrypted Hard Disks.
>
> -h
>
If I was doing a training environment, I would try to use thin
clients, that had no hard disk at all. So a simple power cycle would
reset them to their original config.
One could then easily switch the client machine between windows and Linux.
The actual content etc. would then be centralized on a Citrix or
similar server (e.g. NX).
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list